Monthly Archives: June 2018

Widely used for application deployment automation, IBM UrbanCode Deploy provides both speed and control for DevOps teams. CyberArk solutions are widely used to help protect enterprises from cybersecurity threats by securely managing privileged accounts, secrets and other credentials.

Based upon customer demand, IBM and CyberArk have developed an integration between IBM UrbanCode Deploy and CyberArk Application Identity Manager that simplifies compliance requirements without interrupting the continuous delivery pipeline. The UrbanCode CyberArk plug-in is now available at no charge to UrbanCode Deploy customers. This plug-in complements other security-related integrations such as IBM AppScan Enterprise and IBM Application Security on Cloud and is now available from the UrbanCode Deploy Plugins page and also via the CyberArk Marketplace.

Many UrbanCode financial services customers have standardized on CyberArk for managing, securing and monitoring the passwords and other credentials used by privileged users. With this integration, companies using both UrbanCode and CyberArk can now strengthen their overall security posture while accelerating application deployment.

CyberArk Application Identity Manager is part of the CyberArk Privileged Access Security Solution. Using CyberArk, organizations can protect critical business systems by eliminating hard-coded credentials from application scripts, configuration files and software code as well as removing SSH keys from servers where they are used by applications and scripts. CyberArk offers agent and agentless deployment options to best meet the security and availability requirements of various business applications.

Use Case
One basic use case enables the CyberArk plug-in to allow UrbanCode Deploy processes to simply and securely reference passwords and other privileged credentials managed by CyberArk Application Identity Manager. For example:

Within an UrbanCode Deploy component process, a user can execute a step to simply and securely retrieve a password from their CyberArk password vault.

The retrieved password can then be used to authenticate with other systems.

Usage of the password and other credentials can be monitored and tracked (e.g., who/what/when) to meet audit and regulatory requirements.

CyberArk also offers other solutions designed to secure dynamic DevOps and containerized environments, including CyberArk Conjur Enterprise at www.cyberark.com/conjur and Conjur Open Source at www.conjur.org.

﻿﻿Over the past decade since the term DevOps was coined, software development has been transformed by a new agile approach which enables organizations to release innovative software faster and more frequently than ever before.

IBM is committed to being part of defining the future of the field and we’re excited to see that the discipline is now well on its way towards an exciting new phase: simultaneous development.

A growing number of companies are moving beyond the traditional DevOps approaches of applying lean and agile in isolated projects or teams. Today, the name of the game is what’s being dubbed as DevOps “Day 2,” a world that emphasizes scalability and teamwork. In such environments, development teams shift right, operations teams shift left and together they adeptly deliver and manage multiple, complex projects at the same time.

To meet the challenges of Day 2 DevOps, IBM is announcing IBM UrbanCode Deploy 7.0 and IBM UrbanCode Velocity 1.0, new solutions for managing continuous delivery across complex pipelines and optimizing the value stream.

Urban Code Deploy 7.0

UrbanCode Deploy is a mature, market-leading deployment and release automation solution. Version 7.0 is all about operating at scale: with a new endpoint management layer, we are seeing five to ten times the scalability of previous versions in our lab testing. This means you can manage tens of thousands of endpoints with a single UrbanCode Deploy server. This will save our clients money, and enable a single, centralized server to manage all the deployment processes and templates.

Additional enhancements mean that applications can share deployment processes to minimize maintenance and increase the speed of rollout. The new Safe Edit functionality places a code promotion flow around process changes, freeing teams to modify, test and promote processes with the confidence of knowing that changing a shared process will not break any of the applications that use it. We have also refreshed the UrbanCode User Interface to make it easier for new users to get productive quickly.

Urban Code Velocity 1.0

As DevOps adoption spreads across the enterprise, we see adoption leaders looking for better telemetry. How quickly are different teams delivering? Who’s accelerating and who’s stuck? How many builds, deploys, tests and releases are we doing? What’s the trend and what is the best practice? With UrbanCode Velocity, IBM is providing a simple tool to collect that data and deliver actionable insights.

Urban Code Velocity is far more than just reporting. As different teams implement continuous delivery they often start with their own pipeline tools. This is especially true given that cloud providers often deliver tailored deployment tools optimized for the platform. IBM does this in public cloud with IBM Cloud Continuous Delivery and in IBM Cloud Private with Microclimate (which includes Jenkins). When teams need to coordinate at a higher level than promoting a single service, UrbanCode Velocity helps them pull together a “pipeline of pipelines” to allow for easier coordination and continuous delivery - whether from one tool or many.

Day 2 DevOps

DevOps is ten years young and it is now the moniker for software-driven innovation done well. As enterprises scale DevOps to address Day 2 challenges, the IBM Urban Code team seeks to help them be as effective as possible. Today’s announcements thrill us: We know we are ready to help more teams to be effective at even greater scale.